By Arslan Ud Din Shafiq, Alibaba Cloud Tech Share Author. Tech Share is Alibaba Cloud's incentive program to encourage the sharing of technical knowledge and best practices within the cloud community.
Harbor is an open-source, enterprise-class registry server which extends an open source Docker Distribution. Harbor includes Docker Distribution functionalities as well as other features such as identity, security, and management. As compared to Docker Distribution, Harbor has better performance and security.
Harbor stores and distribute Docker images; it has good image transfer efficiency and images are replicated among multiple registries. Harbor also provides advanced user management, activity auditing, access control and security features. You can setup multiple registries using Harbor.
Harbor is deployed as Docker containers, and therefore Linux distributions that support Docker are required. Harbor does not restrict its installation to any specific operating system (OS). You can use any operating system (OS) of your choice; however, the installation steps would vary according to the choice of operating system.
In this tutorial, we will be installing and configuring Harbor on an Alibaba Cloud Elastic Compute Service (ECS) instance with CentOS 7.
After completing the prerequisites, login as a root user with your root username & password via SSH client or VNC console available in your Alibaba Cloud account dashboard.
In the first step, you will add a new user and give it sudo privileges. Sudo privileges will allow this username to make administrative changes on system when required. This user will be used to login from via SSH for everyday use. Once you have added this user, to keep your server secure from various attacks, you will disable the remote root access to root user.
To create a new user account, use the following command:
# adduser aareez
where "aareez" can be any username of your choice.
You will need to set password for your added username. To set password, execute the following command:
# passwd aareez
Set your desired password and retype your desired password, then hit Enter. To confirm the data is correct, type Y and hit Enter.
Now assign username to sudo user's group to give administrative privileges. For this, we will check /etc/sudoers
file and see whether sudoers group is enabled or not. For this purpose, we will execute the following command:
# visudo
After executing the above command, a file will be opened, find the following lines in the opened file.
Sometimes by default the second line %wheel ALL=(ALL:ALL) ALL is commented (starting with hash # ), due to which even after adding username to sudoers, it gives error on using sudo. To prevent this issue, if this line starts with '#' sign, remove this symbol and save the changes by pressing Esc, type :x and hit enter.
Now, add your username "aareez" to the "wheel" group by executing the following command:
# usermod -aG wheel aareez
After execution of the above command, you can verify the membership for that group by executing the following command:
# groups aareez
Your username has been successfully added to sudoers group and it is able to execute any root command.
Now, log in by using your new username and password. OR Use the following command to switch user:
# su - aareez
You can see that you have been logged in from your new account now. If you want to verify this, you can use the command below:
# whoami
You will need to install wget to download files from URL. Execute the following command:
# sudo yum install wget
You will be asked to enter your password, then you will be prompted to confirmation message Is this ok?. Type Y and hit Enter.
You will need to install nano edit files. Execute the following command:
# sudo yum install nano
You will be prompted to confirmation message Is this ok?. Type Y and hit Enter.
You will need to install epel-release to import epel repository. Execute the following command:
# sudo yum install epel-release
You will be prompted to confirmation message Is this ok?. Type Y and hit Enter.
Before proceeding with installation of any kind of package, use the following command to update your CentOS system. To execute this command, remember to login from non-root user with sudo privileges.
First clear cache by executing following command:
# sudo yum clean all
Now update the system with the following command:
# sudo yum -y update
You will need to install yum-utils to import yum utils.
Execute the following command:
# sudo yum install yum-utils
You will be prompted to confirmation message Is this ok?. Type Y and hit Enter.
To install Docker ce and Docker compose, I recommend you to login as root user.
# su - root
First, you will need to install docker-ce. Execute the following command to repo for docker:
# yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
Execute the following command:
# yum install docker-ce
You will be prompted to confirmation message Is this ok?. Type Y and hit Enter.
You will be asked again Is this ok? Type Y and hit Enter.
You will also need to install python-pip. Execute the following command:
# yum install python-pip
You will need to install docker-compose. Execute the following command to get latest version of docker-compose.
# pip install docker-compose
Now you will need to start docker by using the following command:
# systemctl start docker
To verify if the docker is working correctly, execute the following command.
# docker run hello-world
Before installing Harbor, switch to your own user with sudo rights. In my case, username is aareez, replace it with your username in the following command.
# su - aareez
To install Harbor, you will be required to download binary from release page. Binary is available in offline as well as online installer. You can use any of your choice.
For Online Installer
For online installer, execute the following command:
# wget https://github.com/vmware/harbor/releases/download/v1.2.0/harbor-online-installer-v1.2.0.tgz
For Offline Installer
For online installer, execute the following command:
# wget https://github.com/vmware/harbor/releases/download/v1.2.0/harbor-offline-installer-v1.2.0.tgz
Extract the package with the following command:
For Online Installer
# tar -xvf harbor-online-installer-v1.2.0.tgz
For Offline Installer
# tar -xvf harbor-offline-installer-v1.2.0.tgz
I recommend generating an SSL certificate for your Harbor instance; otherwise, it will use http by default and you will need to add --insecure-registry to your client's Docker daemon.
Switch to root user by executing the command su - root
and enter your password.
To generate your own SSL certificate, execute the commands below. Remember to change imarslan.com to your domain name.
# mkdir cert && cd cert
# openssl req -sha256 -x509 -days 365 -nodes -newkey rsa:4096 -keyout harbor.imarslan.com.key -out harbor.imarslan.com.crt
Enter your country code, only 2 letters. In my case, I used PK.
Enter the full name of your province.
Enter the full name of your city.
Enter the full name of your organization.
Enter the full name of your organizational unit.
Enter your common name. In my case, I used server's hostname.
Enter your email address.
Switch to your own created user with sudo rights. In my case, username is aareez.
# su - aareez
Navigate to /harbor/
directory.
# cd harbor
Now you will need to edit configuration file of Harbor. Execute the command below:
# sudo nano harbor.cfg
Copy and paste the text below in the opened file. Remember to change hostname according to your settings. Then press Ctrl+X, then type Y and then hit Enter to save your configuration.
hostname = harbor.imarslan.com
ui_url_protocol = https
ssl_cert = /root/cert/harbor.imarslan.com.crt
ssl_cert_key = /root/cert/harbor.imarslan.com.key
To complete the installation, execute the following command.
# sudo ./install.sh
Execute the following command to run docker in the background.
# sudo docker-compose up -d
Now you can access Harbor by accessing your domain or IP address of Alibaba Cloud ECS. In my case, I will access using http://www.imarslan.com and it will show the following screen.
You can login using the default username and password.
Username: admin
Password: Harbor12345
After logging in, you will see the following dashboard.
Congratulations, you have successfully installed Harbor!
2,599 posts | 764 followers
FollowOpenAnolis - April 7, 2023
Alibaba Clouder - April 1, 2019
Hiteshjethva - January 8, 2020
Alibaba Clouder - April 12, 2019
Alibaba Clouder - May 15, 2019
Alibaba Developer - September 16, 2020
2,599 posts | 764 followers
FollowElastic and secure virtual cloud servers to cater all your cloud hosting needs.
Learn MoreLearn More
Simplify the Operations and Management (O&M) of your computing resources
Learn MoreMore Posts by Alibaba Clouder